An update that solves four vulnerabilities and has 44 fixes is now available.

Description:

The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.140 to receive
various security and bugfixes.

The following security bugs were fixed:

- CVE-2018-13053: The alarm_timer_nsleep function had an integer overflow
via a large relative timeout because ktime_add_safe was not used
(bnc#1099924)
- CVE-2018-9385: Prevent overread of the "driver_override" buffer
(bsc#1100491)
- CVE-2018-13405: The inode_init_owner function allowed local users to
create files with an unintended group ownership allowing attackers to
escalate privileges by making a plain file executable and SGID
(bnc#1100416)
- CVE-2018-13406: An integer overflow in the uvesafb_setcmap function
could have result in local attackers being able to crash the kernel or
potentially elevate privileges because kmalloc_array is not used
(bnc#1100418)

SUSE CaaS Platform ALL:
To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way.

SUSE CaaS Platform 3.0:
To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way.